<h3>Overview</h3>
<p>Senior Information Security GRC Specialist (f/m/d) at <b>Awin Global</b>. The role leads and matures Awin’s global Information Security Governance, Risk, and Compliance (GRC) function by driving effective risk management, ensuring alignment with international frameworks and local regulatory requirements, and embedding a strong security governance culture across the business. This position acts as a senior advisor on security risks, supports strategic decision-making through risk insights, and ensures that internal control frameworks are robust and business-enabling.</p>
<h3>Responsibilities</h3>
<ul>
<li>Own and evolve Awin’s global information security risk management frameworks, ensuring alignment with international frameworks and relevant regulations.</li>
<li>Lead enterprise-level security risk assessments for strategic projects, transformation initiatives, and third-party engagements, providing executive-ready recommendations.</li>
<li>Manage the Information Security Risk Registers within the Hyperproof GRC platform.</li>
<li>Act as a senior advisor to the business on security risk posture, facilitating regular risk assessments, defining risk treatment plans, and maintaining the enterprise and tactical risk registers.</li>
<li>Act as a key point of contact for internal and external stakeholders on security matters.</li>
<li>Provide strategic oversight of the internal control framework rollout, partnering with senior stakeholders and regional teams to embed governance principles and ensure consistent risk mitigation across business units.</li>
<li>Lead the security input to enterprise risk discussions, participating in governance forums and presenting key risks and mitigations to senior management and the board.</li>
<li>Influence and support the integration of security-by-design principles into Product and Technology teams.</li>
<li>Oversee the development and maintenance of incident response frameworks, including tabletop exercises and post-incident reviews, ensuring lessons learned are institutionalised.</li>
<li>Stay abreast of evolving regulatory and threat landscapes, translating external developments into actionable internal strategy and control adjustments.</li>
<li>Mentor and guide GRC team members, fostering professional development, high performance, and a collaborative culture.</li>
<li>Set KPIs and lead reporting of security governance and risk metrics to demonstrate programme effectiveness and drive continuous improvement.</li>
<li>Represent GRC interests in cross-functional initiatives, ensuring security is embedded early and appropriately throughout the business lifecycle.</li>
</ul>
<h3>Qualifications</h3>
<ul>
<li>5+ years of experience in an Information Security or IT Risk/Compliance role within a GRC function.</li>
<li>2+ years of experience as a lead or senior GRC professional.</li>
<li>Proven experience working within an ISMS environment certified to ISO 27001.</li>
<li>Strong experience conducting and presenting security risk assessments to senior leadership and boards.</li>
<li>Solid understanding of security frameworks and standards: ISO 27001, NIST CSF, CIS, GDPR.</li>
<li>Demonstrated success in designing or overseeing internal control frameworks (e.g. ISO 27001, NIST CSF).</li>
<li>Certifications such as CISSP, CISA, CISM, CRISC, ISO 27001 Lead Auditor/Implementer.</li>
<li>Excellent written communication and documentation skills.</li>
<li>Strong attention to detail with a methodical and analytical mindset.</li>
<li>Strong stakeholder management skills with the ability to engage and influence at senior levels (up to board/C-level).</li>
<li>Ability to collaborate across departments and build stakeholder trust.</li>
<li>Proactive and adaptable; comfortable working in a fast-paced, changing environment.</li>
<li>Demonstrates a project-oriented mindset with the ability to prioritise and manage competing tasks.</li>
</ul>
<h3>Our Offer</h3>
<ul>
<li>Flexi-Week and Work-Life Balance: a four-day Flexi-Week at full pay with no reduction to annual holiday allowance, plus various paid special leaves.</li>
<li>Flexi-Office: international culture and flexibility through Flexi-Office and hybrid/remote work.</li>
<li>Health and Well-Being: access to initiatives and sports offers to support mental and physical well-being.</li>
<li>Development: Awin Academy with trainings to support professional and personal development.</li>
<li>Remote Working Allowance: monthly allowance for running costs and support for setting up a remote workspace.</li>
<li>Appreciation: peer-to-peer voucher program to recognise colleagues.</li>
<li>Additional benefits available in multiple countries; discussed with talent team at initial interview.</li>
</ul>
<p>Established in 2000, Awin is proud of a dynamic, social, and inclusive culture. We encourage diversity and inclusion and welcome all backgrounds, identities, and experiences. If you need support during the application or interview process, please let us know.</p>
<h3>Job Details</h3>
<ul>
<li>Seniority level: Mid-Senior level</li>
<li>Employment type: Full-time</li>
<li>Job function: Information Technology</li>
<li>Industries: Advertising Services</li>
</ul>